security example has been added

codeasarjun · codeasarjun · commit ce6e303957cc · 2024-08-18T08:39:05.000+05:30
diff --git a/17-security/README.md b/17-security/README.md
@@ -0,0 +1,32 @@
+
+This directory contains examples and practices for improving security in Python applications.
+
+## Files
+
+### `password_hashing.py`
+This script demonstrates how to hash passwords using bcrypt and how to verify them. Hashing passwords is crucial for protecting user credentials.
+
+#### Usage
+To hash a password:
+```python
+from password_hashing import hash_password
+
+hashed_password = hash_password("your_password")
+print(hashed_password)
+```
+
+
+# secure_coding_practices.py
+
+This script provides examples of secure coding practices, including input validation and sanitization. Proper input handling is essential to prevent common security vulnerabilities such as SQL injection, cross-site scripting (XSS), and other types of attacks.
+
+## Usage
+
+### To validate an email address:
+
+```python
+import re
+def is_valid_email(email: str) -> bool:
+    pattern = r'^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$'
+    return re.match(pattern, email) is not None
+```
diff --git a/17-security/password_hashing.py b/17-security/password_hashing.py
@@ -0,0 +1,21 @@
+import hashlib
+import os
+
+def hash_password(password: str) -> str:
+    salt = os.urandom(16)
+    dk = hashlib.pbkdf2_hmac('sha512', password.encode(), salt, 100000)
+    return salt + dk
+
+def verify_password(stored_hash: bytes, password: str) -> bool:
+    salt = stored_hash[:16]
+    stored_key = stored_hash[16:]
+    dk = hashlib.pbkdf2_hmac('sha512', password.encode(), salt, 100000)
+    return stored_key == dk
+
+if __name__ == "__main__":
+    password = "supersecret"
+    hashed_password = hash_password(password)
+    print(f"Hashed Password: {hashed_password}")
+
+    is_correct = verify_password(hashed_password, password)
+    print(f"Password Match: {is_correct}")
diff --git a/17-security/secure_coding_practices.py b/17-security/secure_coding_practices.py
@@ -0,0 +1,17 @@
+import re
+
+def is_valid_email(email: str) -> bool:
+    pattern = r'^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$'
+    return re.match(pattern, email) is not None
+
+def sanitize_input(user_input: str) -> str:
+    """sanitize input to prevent injection attacks."""
+    return re.sub(r'[^\w\s]', '', user_input)
+
+if __name__ == "__main__":
+    email = "test@example.com"
+    print(f"Is valid email: {is_valid_email(email)}")
+
+    user_input = "DROP TABLE users; --"
+    sanitized = sanitize_input(user_input)
+    print(f"Sanitized input: {sanitized}")
